International Journal of Modern Engineering Research (IJMER)
www.ijmer.com Vol.2, Issue.5, Sep.-Oct. 2012 pp-3717-3722 ISSN: 2249-6645
Privacy Preserving Updates for Anonymous and Confidential Databases
Using RSA Algorithm
Ishwarya M. V1, Dr. Ramesh Kumar. K2
1
(Research Scholar,Hindustan University,CSE Department,
Assistant Professor, Sri SaiRam Engineering College, Anna University, India)
2
(Department of Information Technology, Hindustan University, India)
ABSTRACT: This paper aims to speed up the implementation of the RSA algorithm during data transmission between
different communication networks and Internet, which is calculated to generate the keys by a program prepared in a C #
language and then save these values of the keys in the databases created by SQL Server 2008 R2.Privacy is main concern in
the present technological phase in the world. Information security has become a critical issue since the information sharing
has a common need. Thus privacy is becoming an increasingly important issue in many data mining applications in various
fields like medical research, intelligence agencies, hospital records maintenance etc. This paper suggests advancing the
existing database systems and increasing the security and efficiency of the systems. This paper proposes a new concept to
implement a real world anonymous database which improves the secure efficient system for protection of data, restricting the
access to data even by the administrator thus maintaining the secrecy of individual patients. In RSA algorithm identical
database must be used in all networks gateways, the creation of the database controlled by a special protocol programmed in
a C # language called RSA Handshake Database Protocol, the protocol controls each gateway that runs a RSA-Key
Generations Offline according to specific issues and necessaries.
Keywords: privacy, database, security, confidentiality, anonymous, cryptography, RSA, RSA-Key Generations Offline, RSA
Handshake Database Protocol
I. INTRODUCTION
In today’s world databases represent need for increases security. Data in the databases has its own
relevant value. For example; medical data collected by over the history of patients over years is an invaluable
asset, which needs to be secured and can be used by people in various related areas of work. [1]
Nowadays, privacy accidents have become common problem in the information systems. For example, a
hospital may have record of all the patients with various diseases critical and non-critical. If the hospital wishes
to reveal the data to any pharmaceutical company or online market services, it should not be able to infer with
particularity of patients with those diseases. It can give as a statistical view or just the superficial information
such that privacy is not detained.
There are huge numbers of databases that hold numerous confidential information such that people
access those data correlating various information from various databases. Access rights for different users must
be evaluated and information must be disclosed only to particular extent based on the access rights. Disclosure of
confidential information to unauthorized persons may lead to data insecurity leading to dissatisfaction to users.
Example privacy accident which occurred so far are numerous. For example, there was a company which sold
health products online that also revealed the customer names phone numbers credit card numbers etc on the
website. It leads to huge loss of information and breach of privacy. There was another issue when a researcher
was enabled to retrieve health records from anonymous databases of insurance claims of employees.
This paper proposes methods to solve the problem of insecurity in database systems by restricting even
the administrator from accessing the internal information. The proposed architecture implements the real world
anonymous database by implementing the generalization and suppression. It deals with preventing malicious
parties and intrusion using encryption and decryption techniques. The efficiency and security of data can be
achieved by maintaining single database with specific access rights.
II. RELATED WORKS
In the paper [1] the author suggested paper deals with problems concerning that the users without revealing the
contents of tuples and DB, how to preserve data integrity by establishing the anonymity of DB and if the
anonymity is authorized then there is a concern of updating the data. It deals with algorithms for database
anonymization.
This paper shows how privacy is maintained without disclosing the contents of whole databases and
their owner and individual tuples and its owner to eachother.The problem is to check whether the database
connecting the tuple is still k-anonymous, such that no one can view the actual data from, tuples or database.
In the paper [2] the author suggests this paper is about k- anonymity in wireless sensor networks
(WSN).It has a security framework which has two levels of privacy. In this method, some part of the data is
encrypted and the rest of the data is generalized.
www.ijmer.com 3717 | Page
International Journal of Modern Engineering Research (IJMER)
www.ijmer.com Vol.2, Issue.5, Sep.-Oct. 2012 pp-3717-3722 ISSN: 2249-6645
In the paper [3] k-anonymity concept has been welcomed in many organizations to release micro data
without disclosing identity of persons accessing database. The previous k-anonymity techniques implemented in
a common database has breached privacy. It leads to loss of information and privacy accidents. From this first we
have to introduce a k-join-anonymity, which allows better effective generalization and helps to diminish the loss
of data.
In the paper [4] they discuss the relationship between privacy preserving and SMC and problems
involved. It reviews definitions and constructions for secure multiparty computation and discusses the issue of
efficiency and demonstrates the difficulties involved in constructing highly efficient protocols.
In the paper [5] the anonymization tables were introduced. The issue of releasing tables mainly in
relational database consisting of confidential data and how it can be resolved, ensuring personal privacy and also
maintaining integrity. One of the techniques proposed in the literature is k-anonymization.
It is k- anonymous if the data for an individual person contained can’t be eminent from least of k–1
persons all whose data also shows in the same data release.
Providing username and password and also a random salt value to increase the security and efficiency of
the system authentication.
Figure 1: Overview of proposed system
III. BACKGROUND WORK
A. Basics
The existing system has privacy preserving techniques which can be intruded by various sources and
privacy is deterred. The anonymization process and cryptographic techniques are used to enhance the efficiency
and protection of confidential information in the databases.
Anonymous database features are either suppressed or they are generalized as far as each row remains
identical to at least k-1of the other rows. This is where the database is said to be k-anonymous. The Anonymity
thus blocks definite linkages in databases concerning security.
Anonymity gives a definite guarantee that the data is accurately released. The Drawback is the problem
of security occurs since the databases are handled by many sources has to be protected.[5]
Cryptographic algorithms and techniques are methods that help to enhance the security of the system and
therefore preserve integrity. There are many techniques available in the present technology. The shortcoming of
some of the techniques is that they do not provide access rights to the users. Such that for each user has different
needs of accessing the database. [6]
The drawback of existing systems is that there is no strong authentication for the systems. If the
password for authentication is known to intruder the accounts can’t be interrupted and confidential information
may be lost. So the authentication should not be able to break even by the administrator, database maintenance,
etc.
Moreover, updating of data is a problem in the existing systems due to large amount of data fed in the
database. Leads to redundancy and also my lead to loss of valuable information. [6]
Anonymous databases existing do not have proper security and efficiency is low. It can be intruded by
various forces. The existing system with cryptographic techniques existing does not grant access rights to the
users. [1]
B. Proposed system
The proposed system has features enhanced to existing system. The system is provided with facility for
allowing the right users to access into the database by
Proposed system in the figure 1 compares existing data and the updates and make sure there is no
www.ijmer.com 3718 | Page
International Journal of Modern Engineering Research (IJMER)
www.ijmer.com Vol.2, Issue.5, Sep.-Oct. 2012 pp-3717-3722 ISSN: 2249-6645
redundancy and helps to analyses the data in database. K-Anonymization allows database to maintain a
suppressed and generalized form of data such that data is much secured. The cryptography technique is used to
secure the saved data in database safely such that the information is encrypted, stored and can be retrieved and
decrypted back to original with specific authorization.
C. Detailed architectural design
The figure 2 shows the flow of steps followed in the system. It starts with authentication of user. Each
user is provided with username and password registered in system already. There is a salt value authentication
along with password. The authentication user has access to the database and system has particular access rights
for each user. The anonymous database suppresses and generalizes the data according to data value.
The database can be accessed by research centres for gathering statistical data regarding particular
medicines, the percentage of curable medicines. The internal or private information of the patients are not
revealed to the research centre computation. The research people can see the data’s send by the database
according to its access right. And allocate research peoples to each research data. And forward the data to
research people. Here research people can’t do any changes or modifications in patient database they only can
use the database for reference purpose.
Figure 2: Design view of system.
The authorized database updaters can login into the medical. Here also all the details about the database
updater are registered by the admin. And the admin give the authentication details to the particular updater after
getting the authentication details, can login to the database and can start the processes.
The doctor and patient enter all details regarding their treatment details in the database in the hospital.
These details are not disclosed to the research centre.The data can be encrypted and saved and can be decrypted
back to original form when required. [6]
For example, in the proposed system, even the administrator has only restricted access to database, he
can’t access the internal details of each user, and rather he can find how many users are updated and solve issues
regarding users. Individual users are not allowed access to other accounts except their personal record.
Figure 3 shows view of the system for an example patient database where there is a medical database,
where the patient registers their details initially. The doctor can view their necessary information about the
patient and also fix appointments for patients easily. The patients can in turn fix appointments with their doctor in
charge and reduces waiting time for patients due to appointments.
The doctor can in turn update record of patients and their treatments to the patient database. Also the
doctor can and their treatments.
www.ijmer.com 3719 | Page
International Journal of Modern Engineering Research (IJMER)
www.ijmer.com Vol.2, Issue.5, Sep.-Oct. 2012 pp-3717-3722 ISSN: 2249-6645
Figure 3: An example diagram of patient database system implementing the idea
The anonymous database can forward information to research centre which has permissions to access the
information. The research centre access has its own restrictions for use of the data. They can access only
superficial data and whatever data that they have access to. They cannot access the patient details or the
particular patient illness.
Figure 4 shows the flow of activities concerning the system. Firstly, the user is authenticated entry into
the system. After authentication, according to the user access rights the user can access the anonymous databases
in the system. The patient and doctor can perform necessary updates. These data in the anonymous databases can
be access by users according to their privileges. The users can access the information from their profile pages.
After validating the data and access of data users can close and logout from their account.
D. Implementation of RSA Algorithm
1.1. Offline RSA-Key Generations
In this paper we increased the RSA implementation speed by generated keys offline and stored in different
databases before starts using the RSA key pair in encryption/ decryption processes.
RSA-Key Generations Offline is a new software component we developed by using C# language to increases the
speed of RSA implementation [NAG 11] [WEL 01], also we need database engine to save the calculated values
inside two tables, table one includes the values of p, q, n and Ø (n), and table two includes e and d values.
n=p×q (4)
Ø(n) = (p -1)(q-1) (5)
e = relatively prime to Ø(n)- (6)
d = e-1 mod Ø(n)-(7)
1.2. Online Encryption and Decryption Processes
In this paper we proposed four security levels each level has own database and consists of many sets, these levels
identifiers by possibility of e values and the key length see table 1.
The gateways (users) must select the same security level or change the security level before start the encryption
and decryption processes.
We select SQL Server 2008 R2 as database engine for creation the databases and their sets which contents the
keys values, also we select SQL Server 2008 R2 to keep our database saves and secure, by encrypted all data
without increasing database size or impacting performance and it has Guard against security breaches if backups
or disks are lost or stolen.
www.ijmer.com 3720 | Page
International Journal of Modern Engineering Research (IJMER)
www.ijmer.com Vol.2, Issue.5, Sep.-Oct. 2012 pp-3717-3722 ISSN: 2249-6645
Table 1. Security Levels
Security Level Key Length
Low 512 bits
Medium 1024 bits
Medium -High 2048 bits
Security High 4096 bits
In this paper we proposed to use RSA key pair between LAN's / WAN's gateways instead of users.
Using of private and public keys between gateways that means the RSA encryption/decryption algorithm now is
suitable for large amount of data flow between gateways and this infer of uses the RSA-Key Generations
Offline Algorithm, in figure 2.
In this paper we proposed a new protocol called RSA Handshake Database Protocol, this protocol
responsible for creation the identical RSA-Key Generations Offline databases in all network gateways and
organize database update if require and execute the procedure for each new gateway want to use the RSA-Key
Generations Offline database with existing gateways.
The RSA Handshake Database Protocol saves the selected security level (database), which set selected in
the security level (Setid), keys indexes and another data in working information table.
The RSA algorithm starts using the data from working information table for encryption/ decryption
processes between network gateways.
The RSA Handshake Database Protocol controls all initially processes and any changes in the security
levels and key length between the gateways or new gateway would like to join an existing session.
IV. Exchange the keys indexes
In this paper we proposed a new method called Indexes exchange, where we use the Indexes exchange
instead of keys exchange between different gateways, example in table 2 explaining how the indexes will be
exchanged instead of n, e and d values.
Table 2. Example of use the Indexes Exchange instated of keys exchange
Keys Exchange Indexes Exchange
n 160 Nid 00000001
e 7 Eid 000001010010
d 23 Did 110000000001
By using the indexes exchange instead of keys exchange it will be very hard to get the n, e and d values even if
you know the indexes of these values.
V. Experiments and results
With using RSA-Key Generations Offline Algorithm and different keys lengths, the decryption processes is
2.5 times faster than online RSA keys generations.
The timings were made on a 2.8GHz Pentium by using the below factors:
 Block size is 2048 bits.
 Different bandwidths:-
1. 1000 Mbps.
2. 100 Mbps.
3. 4 Mbps.
The figure 3 shows the compare between RSA decryption process by using RSA-Key Generations Offline
method and online RSA key generation's method, decryption by RSA-Key Generations Offline is faster than
using normal RSA key generations.
www.ijmer.com 3721 | Page
International Journal of Modern Engineering Research (IJMER)
www.ijmer.com Vol.2, Issue.5, Sep.-Oct. 2012 pp-3717-3722 ISSN: 2249-6645
VI. Conclusion
In this paper, we speedup the RSA algorithm through developed a new generation keys method called RSA-Key
Generations Offline to generate and saved all keys values in tables within database.
We proposed four security levels, each level has its own database and numbers of sets, these levels
identified according to the e values and keys length, before start using the RSA algorithm between gateways must
get a Ready Acknowledgment from RSA Handshake Database protocol, this protocol responsible for creation or
update the identical gateways database, level selections (Setid) and establishment the algorithm between
gateways.
In this paper we proposed a new method of keys exchange to increase the difficulty for any one knows
the exchanged values between gateways, and then try to get the n, e and values, this method we called Indexes
exchange, where we exchange the indexes Nid, Eid, Did instead of n, e, d values.
REFERENCES
[1] [BAH 10] M. Bahadori, M. R. Mali, O. Sarbishei, M. Atarodi and M. Sharifkhani “A novel approach for
secure and fast generation of RSA public and private keys on SmartCard” NEWCAS Conference
(NEWCAS), 2010 8th IEEE International, 2010, pp. 265-268.
[2] [BLA 00] S. R. Blackburn and S. D. Galbraith “Certification of secure RSA keys” Electronics Letters, vol.
36, pp. 29-30, 2000.
[3] [HGE 06] H. Ge and S. R. Tate “Efficient Authenticated Key-Exchange for Devices with a Trusted
Manager”
[4] Information Technology: New Generations, 2006 (ITNG 2006). Third International Conference on, 2006,
pp. 198-203.
[5] [JOS 08] J. Joshi, et al. “Network Security” Morgan Kaufmann, 2008.
[6] [NAG 11] C. Nagel, B. Evjen, J. Glynn, K. Watson and m. Skinner “Professional C# 2008” Wrox, 2011.
[7] [REN 05] H. Ren-Junn, S. Feng-Fu, Y. Yi-Shiung and C. Chia-Yao “An efficient decryption method for
RSA cryptosystem” Advanced Information Networking and Applications, 2005 (AINA 2005). 19th
International Conference on, 2005, pp. 585-590 vol.1.
[8] [RIV 78] R. L. Rivest, A. Shamir and L. Adleman “A method for obtaining digital signatures and public-key
cryptosystems” Communications of the ACM, vol. 21, pp. 120-126, 1978.
[9] [SEL 89] A. Selby and C. Mitchell “Algorithms for software implementations of RSA” Computers and
Digital Techniques, IEE Proceedings E, vol. 136, pp. 166-170, 1989.
[10] [STA 00] W. Stallings “Network security Essentials: Applications and Standards” Pearson Education India,
2000.
[11] [STA 03] W. Stallings “Cryptography and network security vol. 2” prentice hall, 2003.
[12] [STA 95] W. Stallings “Network and internetwork security: principles and practice” Prentice-Hall, Inc.,
1995.
[13] [TIA 06] C. Tianjie and M. Xianping “Collusion Attack on a Server-Aided Unbalanced RSA Key
Generation Protocol” Communication Technology, 2006(ICCT 2006). International Conference on, 2006,
pp. 1-3.
[14] [WEL 01] M. Welschenbach “Cryptography in C and C++” Springer-Verlag New York, 2001.
www.ijmer.com 3722 | Page